const publicPath = ['/','/login','/login.html'];

/**
 * 判断是否有权访问
 */
function hasLimit(currUserLimits, path){
    return !!currUserLimits && !(currUserLimits.indexOf(path) === -1);
}

module.exports = function(data) {
    // console.log({identitys, limits, users});
    return function(req, resp, next) {
        console.log(req.path);
        var params = req.params;
        // var {identitys, limits, users} = data;
        var loginPath = !(publicPath.indexOf(req.path) === -1);
        // 如果有权限，则通过
        if(loginPath || hasLimit(data.currUserLimits, req.path)) {
            next();
        }else {
            next(new Error('没有访问权限'));
        }
    }
}